The plugin does not escape some of its settings when outputting them in an HTML attribute on the frontend, which could allow high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Put the following payload in the "Alt text" setting of the plugin, then view any page in the frontend to trigger it: " onload=alert(/XSS/)//
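The root cause and its fix, as an added illustration that is not the affected plugin's code: the stored "Alt text" setting is concatenated into an attribute unescaped, and wrapping the value in WordPress core's esc_attr() at output time neutralises it. The option name and function names are assumed; the fallback definitions at the top only exist so the file also runs outside WordPress.

```php
<?php
// Minimal stand-ins so this file runs outside WordPress (core provides the real ones).
if ( ! function_exists( 'esc_attr' ) ) {
    function esc_attr( $text ) {
        return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
    }
}
if ( ! function_exists( 'get_option' ) ) {
    // Constructed sample value: the payload from the advisory, as an admin would have saved it.
    function get_option( $name, $default = '' ) {
        return $name === 'example_alt_text' ? '" onload=alert(/XSS/)//' : $default;
    }
}

// Vulnerable pattern: the setting is dropped straight into the attribute, so a
// double quote in the stored value closes alt="..." and the rest becomes new attributes.
function example_render_image_vulnerable( $src ) {
    $alt = get_option( 'example_alt_text', '' );
    return '<img src="' . $src . '" alt="' . $alt . '">';
}

// Fixed pattern: esc_attr() encodes " ' < > & so the value can never leave the
// attribute, whatever capabilities the user who saved the setting had.
function example_render_image_fixed( $src ) {
    $alt = get_option( 'example_alt_text', '' );
    return '<img src="' . $src . '" alt="' . esc_attr( $alt ) . '">';
}

echo example_render_image_vulnerable( '/img/a.png' ), "\n";
// <img src="/img/a.png" alt="" onload=alert(/XSS/)//">   <- injected onload attribute
echo example_render_image_fixed( '/img/a.png' ), "\n";
// <img src="/img/a.png" alt="&quot; onload=alert(/XSS/)//">   <- inert text inside alt
```

Escaping belongs at the point of output, not only on save: sanitising on save (for example with sanitize_text_field()) is a useful second layer, but values already stored or written through other code paths are only protected if every attribute output goes through esc_attr().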